Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Translate the Joel Test to DFIR / threat intel #21

Open
krmaxwell opened this issue Mar 6, 2015 · 2 comments
Open

Translate the Joel Test to DFIR / threat intel #21

krmaxwell opened this issue Mar 6, 2015 · 2 comments
Labels
post

Comments

@krmaxwell
Copy link
Owner

http://www.joelonsoftware.com/articles/fog0000000043.html
@sroberts
Copy link

sroberts commented Mar 6, 2015

Awwwww that'd be sick!

@krmaxwell krmaxwell added the post label Apr 2, 2015
@krmaxwell
Copy link
Owner Author

So what would go into an equivalent sloppy test to measure the maturity of a threat intel program? For starters:

  • Do you capture all your IR reports into a central repository for review?
  • Do you extract intelligence at all appropriate levels (strategic, operational, tactical) from your own incidents?
  • Have you defined intelligence requirements based on the needs of your organization and sector?

Relevant: http://ryanstillions.blogspot.com/2014/04/the-dml-model_21.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
post
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sroberts @krmaxwell